Schneider-Electric Modicon Quantum 140NOE77111 Firmware

CPE Details

Schneider-Electric Modicon Quantum 140NOE77111 Firmware
schneider-electric
modicon_quantum_140noe77111_firmware
-
2020-02-28
16h26 +00:00
2020-02-28
16h26 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

schneider-electric

Product

modicon_quantum_140noe77111_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-37301 2022-11-21 23h00 +00:00 A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)
7.5
Haute
CVE-2020-7562 2020-11-18 12h54 +00:00 A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.
8.1
Haute
CVE-2020-7564 2020-11-18 12h51 +00:00 A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP.
8.8
Haute
CVE-2020-7563 2020-11-18 12h50 +00:00 A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.
8.8
Haute
CVE-2019-6811 2019-09-17 17h55 +00:00 An Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability exists in Modicon Quantum 140 NOE771x1 version 6.9 and earlier, which could cause denial of service when the module receives an IP fragmented packet with a length greater than 65535 bytes. The module then requires a power cycle to recover.
7.5
Haute